Update server.js

Author: kRxZykRxZy

server.js

@@ -1,5 +1,4 @@
 const express = require('express');
-const cors = require('cors');
 const path = require('path');
 
 // Import routes
@@ -9,38 +8,9 @@ const { router: saveDetailsRouter } = require('./src/npm/saveDetails');
 const { router: dataRouter } = require('./src/npm/data');
 
 const app = express();
-
-// Custom CORS middleware
-app.use((req, res, next) => {
-  const origin = req.get('Origin');
-
-  // Allow GET from any origin
-  if (req.method === 'GET') {
-    res.setHeader('Access-Control-Allow-Origin', '*');
-  } 
-  // Restrict POST and PUT to same-origin only
-  else if (['POST', 'PUT'].includes(req.method)) {
-    const allowedOrigin = 'http://localhost:3000'; // Change this to your actual frontend URL
-    if (origin === allowedOrigin || origin === 'https://scratch-id.onrender.com') {
-      res.setHeader('Access-Control-Allow-Origin', allowedOrigin);
-    } else {
-      return res.status(403).json({ error: 'Forbidden: Cross-origin POST/PUT not allowed' });
-    }
-  }
-
-  res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, OPTIONS');
-  res.setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization');
-
-  if (req.method === 'OPTIONS') {
-    return res.sendStatus(204);
-  }
-
-  next();
-});
-
 app.use(express.json());
 
-// Use the imported routes
+// Use the imported routes (no custom CORS)
 app.use(route1);
 app.use(route2);
 app.use(saveDetailsRouter);